Users are increasingly performing tasks using remote computing resources, which may be offered through a shared-resource environment. This has many advantages, as users do not have to purchase and maintain dedicated hardware and software, and instead can pay for only those resources that are utilized at any given time, where those resources typically will be managed by a resource provider. Users can perform tasks such as storing data or executing applications using various types of resources offered by the resource provider. In some environments resources can be allocated on a task-specific basis. In order to enable the resources to be able to process the relevant tasks, those resources can be provided with access credentials for any data sources that might be required. In many instances only a subset of this access will be relevant for any given task, such that access granted under the credential will provide access to more data than is needed. This can present a security vulnerability in that a compromised resource can have access to other data in the environment.